General
-
Target
3a0148e166753487640e4b7d129c3bad7ee3cf8403953b552240d17851bdafc8
-
Size
523KB
-
Sample
220201-mlx7psdea9
-
MD5
95f48e694a8beb8fd3a21a0b7ce73aa6
-
SHA1
6b5e94e8f94905be32eabc56ebf91ebd818dc61a
-
SHA256
3a0148e166753487640e4b7d129c3bad7ee3cf8403953b552240d17851bdafc8
-
SHA512
ac8df20bbbc36a77ef795ce047b942d3f0543f4baf92f4b9bf1df5ab8a31e6360c28c496ffbbda79c28408107d9fe9df4912ffd7cf25a532ce439ccd386b00a2
Static task
static1
Behavioral task
behavioral1
Sample
3a0148e166753487640e4b7d129c3bad7ee3cf8403953b552240d17851bdafc8.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
3a0148e166753487640e4b7d129c3bad7ee3cf8403953b552240d17851bdafc8.dll
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
3a0148e166753487640e4b7d129c3bad7ee3cf8403953b552240d17851bdafc8
-
Score
10/10
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Valak JavaScript Loader
-
Blocklisted process makes network request
-
Sets service image path in registry
-